Phishing e-mail targets local Internet banking users
19th May 2005 (The Star)

PETALING JAYA: A bogus e-mail phishing for Internet banking usernames and passwords is in circulation, warns the Malaysian Computer Emergency Response Team (MyCERT).

MyCERT said yesterday it had received several reports of the "suspicious" e-mail from Internet users.

An analysis of the e-mail "indicates it is phishing email," it said.

The e-mail requests recipients who are users of Internet banking services from Hong Leong Bank, AmBank, Bumiputera Commerce Bank and Alliance Bank to "verify their e-mail address" by clicking on the appropriate link among four attached in the body of the email.

Once clicked on, the links redirect users to a phishing site with a pop-up window that requests for the username and password of their Internet banking account.

MyCERT said the phishing sites are believed to be hosted on a single machine located in Russia.

It also urged Internet users to delete the e-mail immediately if they receive it.

Following is the text of the e-mail:

Subject: Hong Leong/Bumiputra Commerce/AmBank Group/Alliance Bank

Dear Hong Leong/Bumiputra Commerce/AmBank Group/Alliance Bank Member,This email was sent by the Bank server to verify your e-mail address.

You must complete this process by clicking on the link below and entering in the small window your Hong Leong/Bumiputra Commerce/AmBank Group/Alliance Bank online access details.

This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it.

To verify your e-mail address and access your account, click on the link below:

If You Have Hong Leong Bank Account: http://www.hlb.com.my/Y83fyKAxkpo6h2fc9nij

If You Have Alliance Bank Account:http://www.alliancebank.com.my/euDs4yqktp3iz7c290ka

If You Have Bumiputra Commerce Bank Account:http://www.channel-e.com.my/QFW64yGxMF34526zv4

If You Have AmBank Group Account:http://www.ambg.com.my/qxKM1RujhH7t87j06o0u4